As economy increasingly globalizes, more and more corporations operate internationally. People from different sections of a corporation access and share various kinds and levels of information such as from basic software to advanced applications (e.g., intellectual properties, production process, and database). These corporations are thus required to have a capacity of effectively maintaining the information and managing the access process to ensure that a qualified user accesses appropriate information. In addition, since security of the information is critical to commercial success of these corporations, how to protect them from potential commercial crimes becomes a challenge.
However, currently most corporations do not have a systematic methodology and automatic procedures to approve and re-certify a user's access rights to applications in their computer system. Besides, when a user needs to access different applications, he is usually required to apply multiple IDs, which is labor-intensive in servicing a global business community. Furthermore, when a user leaves his job, his access rights are often not terminated timely. Also, when a user' functional roles change, his access rights are often not adjusted correspondingly.
Hence, in order to effectively protect information in an institution's computer system and meet access needs of a global business community, there is a need to establish a methodology and system for access rights re-certification to ensure that the information in the institution's computer system is accessed by an appropriate user.